[GRASS-dev] GSoC 2014: GRAS GIS Web UI
Glynn Clements
glynn at gclements.plus.com
Tue Mar 11 02:40:04 PDT 2014
Hamish wrote:
> And even in a chroot jail a few big loops could use up all the given
> RAM or disk space by mistake or on purpose.
Memory limits can be enforced by setrlimit(), via the "ulimit" shell
command or the pam_limits module.
However, you can't set cumulative limits[1]. You can limit the memory
usage of an invidivual process, and limit the total number of
processes for a single user (UID), but you can't set a cumulative
limit below the product of the maximum number of processes times the
maximum memory per process.
Disk usage can be restricted by using quotas or by creating a separate
filesytem (e.g. on a loop device) for each account.
CPU usage can be restricted on a per-process basis via setrlimit()
etc. Again, there's no way to set a cumulative limit. Also, "nice" can
be used to de-prioritise processes so that more important processes
aren't pre-empted.
[1] On Linux, control groups (cgroups) can be used to "partition"
system resources. Virtual machines are another potential solution,
albeit a rather heavy-weight one.
--
Glynn Clements <glynn at gclements.plus.com>
More information about the grass-dev
mailing list